Remote Code Execution News, Articles and Updates

Juniper patched multiple vulnerabilities

Juniper Networks released more than a dozen security updates to patch a wide range of issues including two denial-of-service vulnerabilities and one for remote code execution.

Electroneum-mining operation now targeting Struts systems on Windows

The well-known Apache Struts 2 Jakarta Multipart Parser remote code execution cryptocurrency campaign, is now being used by cyber-criminals to mine Electroneum coin by targeting systems running Windows operating systems.

Spring break vulnerability jeopardises Pivotal Spring projects

A remote code execution flaw, dubbed Spring Break, affects various Pivotal Spring projects and could allow an attacker to run arbitrary commands on any machine running applications built using Spring Data REST.

Windows Installer service hacked to infect victims' systems with malware

Cyber-criminals are using a malware spam campaign to exploit a remote code execution vulnerability in Microsoft Office to download and execute malicious scripts on victims' systems.

Cisco updates router firmware to prevent remote code execution, DoS attacks

Cisco Systems on Wednesday issued 20 security updates, notably patching a critical vulnerability in two router products that could resulted in remote code execution or a denial of service condition.

Vulnerabilities including remote execution spotted in WDMyCloud products

A GulfTech researcher spotted multiple vulnerabilities In Western Digital's MyCloud products, some of which could lead to remote code execution and unauthorised access.

Microsoft bug CVE-2017-11882 exploited to deliver Loki information stealer

Attackers continue to exploit a recently patched remote code execution vulnerability in the Microsoft Equation Editor component of Microsoft Office, using the bug to deliver a modified version of Loki information-stealing malware.

Linux systemd flaw could leave systems open to a buffer overflow attack

Hackers could remotely execute code via malicious DNS query using Linux distributions that shipped with systemd versions 223 to 233, causing buffer overflow.

Project Zero hacking contest targets remote code execution flaws

Google's Project Zero unveiled an Android hacking contest that aims to discover flaws on the Nexus 6P and 5X devices.

We have the power: 'Smart' sockets could be enslaved to create botnet

Bitdefender has discovered vulnerabilities in a popular brand of 'smart' electrical socket which could lead to attacks on your local area network or the recruitment of the IoT device as part of a global botnet.

Attackers already pouncing on newly discovered ImageTragick vulnerability

Mere hours after word spread last week of a remote code execution vulnerability in the image-processing software ImageMagick, bad actors were already actively exploiting it in the wild

The wave of a wand won't patch the security bug found in ImageMagick

A security bug in ImageMagick, the free open source image processing software, is allowing cyber-criminals to attack vulnerable servers from afar.

PayPal's business site vulnerable to remote code execution

Michael Stepankin, also known as Artsploit, has disclosed a major vulnerability in PayPal's business site, allowing remote code execution.

Millions of smart TVs and remote control apps vulnerable

A new report from Trend Micro has suggested that 6.1 million apps for smart TVs and remote controls could be vulnerable to remote code execution attacks.

WinRAR vulnerability leaves users open to attack

Just unzipping files could infect systems because of a remote code vulnerability in WinRAR

Flaws found on Starbucks website open users to cyber-attack

Three critical vulnerabilities have been discovered on the Starbucks website.

Five critical bulletins discovered for Microsoft's Patch Tuesday

Yesterday's outcome of Microsoft's September Patch Tuesday included five critical bulletins.